Have a D-Link Wireless Router? Find Out If Your Wireless Connection Is an Open Gateway for Hackers
There are many cracks and liabilities which open to cyber criminals and allow them to get into one’s personal data especially through wireless connection.
One of the latest ones is through the popular D-Link DSL wireless router model. The device is apparently open to a software bug that can be utilized by hackers to remotely modify the DNS or Domain Name System settings. The affected routers can be used to hijack the users’ traffic.
What is the ultimate goal of DNS Hijacking?
Cyber criminals hijack the DNS settings of victims in order to reroute the users’ traffic from a legitimate site to a malicious page which is under the control of hackers. All this is done without the knowledge of the user.
This vulnerability is also likely to affect other devices that are connected to the router and not just the main one. Other devices will be affected as well because they are located in one, widely-used D-Link router firmware utilized by different manufacturers.
Which D-Link Wireless Routers are Affected?
A security researcher has discovered a crack which is prevalent in a widely used ZynOS firmware. This firmware coes from the ZyXEL Communications Corporation. It is deployed in network hardware from the TP Link Technologies, D-Link, and ZTE.
The security researcher goes on to identify that the most popular wireless router of D Link which is DSL2740R as well as a host of other D Link wireless router devices such as the DLS-320B are also open to the possibility of DNS hijacking.
Other Router Vulnerability
The previous year was also marked with a similar wireless router vulnerability. This particular crack in wireless connection device was revealed in the web server called RomPager which is from AllegroSoft. It is typically set in the routers’ firmware. The same vulnerability can also be embedded in the firmware of modems as well as other gateway equipment from every other leading manufacturers.
This router vulnerability has put over 10 million households and business establishment routers from a selection of various manufacturers open to DNS hijacking possibility. This includes kit from the D-Link devices, Edimax, TP Link, Huawei, ZyXEL, and ZTE.
What You Need to Know About the Latest Wireless Router Bug
The latest wireless bug which was found in the wireless devices running the open firmware could be an opening to show the internet web servers to the public. This is all the hackers need to remotely configure the wireless devices and access the administrative interface without the need for authentication.
As soon as the cyber criminals have successfully modified the DNS settings via the router, they could perform a host of malicious activities. Such activities include the following:
• The ability to control and reroute network traffic – the hackers will have the capability to prevent the victims of hijacked systems from receiving vital operating system, security, and software updates.
• The capacity to lead the users to malicious websites – hackers can lead the victims to malicious domains which executes phishing. These sites could be a mock-up of well-known domains so as to trick the victims into keying in their personal and sensitive details.
• The ability to replace the ads on legitimate websites – cyber criminals have the ability to replace the ads users see on legitimate sites they visit. The replaced ads will be that of other malicious ones that will entice the users to click through.
• The capability to push more malware – the hackers can further hijack the users’ systems by pushing more malware on the infected routers.
The security research was released into the open internet without the researchers informing the manufacturers of the vulnerable brands. As of the moment, some devices such as the DSL-2740R from D LINK has been pulled out from sale although it is still being supported.